--- /dev/null
+<?php
+
+namespace wcf\system\user\multifactor;
+
+use wcf\system\exception\NamedUserException;
+use wcf\system\WCF;
+
+/**
+ * Provides a method enforce the multi-factor requirement.
+ *
+ * @author Tim Duesterhus
+ * @copyright 2001-2020 WoltLab GmbH
+ * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
+ * @package WoltLabSuite\Core\System\User\Authentication
+ * @since 5.4
+ */
+trait TMultifactorRequirementEnforcer
+{
+ /**
+ * If the current user is in a group that requires multi-factor authentication and
+ * they do not have multi-factor authentication enabled, then an exception will be thrown.
+ *
+ * @throws NamedUserException If the user needs to enable multi-factor authentication.
+ */
+ private function enforceMultifactorAuthentication(): void
+ {
+ if (
+ WCF::getUser()->requiresMultifactor()
+ && !WCF::getUser()->multifactorActive
+ ) {
+ throw new NamedUserException(WCF::getLanguage()->getDynamicVariable(
+ 'wcf.user.security.requiresMultifactor'
+ ));
+ }
+ }
+}
<item name="wcf.user.security.multifactor.totp.success.add"><![CDATA[{if LANGUAGE_USE_INFORMAL_VARIANT}Dein{else}Ihr{/if} Smartphone <strong>{$deviceName}</strong> wurde erfolgreich hinterlegt.]]></item>
<item name="wcf.user.security.multifactor.totp.success.delete"><![CDATA[{if LANGUAGE_USE_INFORMAL_VARIANT}Dein{else}Ihr{/if} Smartphone <strong>{$deviceName}</strong> wurde erfolgreich entfernt.]]></item>
<item name="wcf.user.security.multifactor.totp.useTime"><![CDATA[Zuletzt Benutzt]]></item>
+ <item name="wcf.user.security.requiresMultifactor"><![CDATA[{if LANGUAGE_USE_INFORMAL_VARIANT}Du bist{else}Sie sind{/if} Mitglied einer Benutzergruppe, die verpflichtet ist, die Mehrfaktor-Authentifizierung zu nutzen. Bevor {if LANGUAGE_USE_INFORMAL_VARIANT}du{else}Sie{/if} auf diese Seite zugreifen {if LANGUAGE_USE_INFORMAL_VARIANT}darfst, musst du{else}dürfen, müssen Sie{/if} <a href="{link controller='AccountSecurity' forceFrontend=true}{/link}">die Mehrfaktor-Authentifizierung aktivieren</a>.]]></item>
<item name="wcf.user.security.sessionName"><![CDATA[{if $session->getUserAgent()->getBrowser()}{$session->getUserAgent()->getBrowser()}{if $session->getUserAgent()->getOS()} auf {$session->getUserAgent()->getOS()}{/if}{else}Unbekanntes Gerät{/if}]]></item>
</category>
<category name="wcf.user.trophy">
<item name="wcf.user.security.multifactor.totp.success.add"><![CDATA[Your smartphone <strong>{$deviceName}</strong> has successfully been added.]]></item>
<item name="wcf.user.security.multifactor.totp.success.delete"><![CDATA[Your smartphone <strong>{$deviceName}</strong> has successfully been removed.]]></item>
<item name="wcf.user.security.multifactor.totp.useTime"><![CDATA[Last Used]]></item>
+ <item name="wcf.user.security.requiresMultifactor"><![CDATA[You are a member of a user group that is required to use multi-factor authentication. Before you may access this page you must <a href="{link controller='AccountSecurity' forceFrontend=true}{/link}">enable multi-factor authentication</a>.]]></item>
<item name="wcf.user.security.sessionName"><![CDATA[{if $session->getUserAgent()->getBrowser()}{$session->getUserAgent()->getBrowser()}{if $session->getUserAgent()->getOS()} on {$session->getUserAgent()->getOS()}{/if}{else}Unknown Device{/if}]]></item>
</category>
<category name="wcf.user.trophy">